Jonathan Zhong
Oct 07, 2019
5:25 pm

KNOX SDK does not broadcast "com.samsung.android.knox.intent.action.APPLICATION_FOCUS_CHANGE" for Dual Messenger apps.

Hi, KNOX SDK development team:

My testing results have shown that KNOX SDK does not broadcast "com.samsung.android.knox.intent.action.APPLICATION_FOCUS_CHANGE" for Dual Messenger apps. The SDK broadcasts this Intent only for Primary Messenger apps. This is a security bug.

To reproduce this bug:

1. Implement or use an exisitng KNOX SDK client which can receive this broadcast.

2. Install a Primary Messenger app, such as Facebook. When this Primary Messenger app is in the foreground, the KNOX SDK client can receive this broadcast. This is good.

3. Turn on Dual Messeger feature from Facebook Primary Messenger app, then install its Dual Messenger app. Launch it. the KNOX SDK client can NOT receive this broadcast. This is bad.

Can the KNOX SDK development team fix this security bug? Thanks!

Jonathan

PayJoy, Inc.

Raunak B.Samsung SEAP Moderator
Oct 10, 2019
12:02 am

Hi Jonathan,

 

We are currently reproducing the issue. Once the problem has been reproduced, we will escalate this security bug and roll out a fix as soon as possible.

I'm sorry about any inconveniences this may have caused.

 

Thank you for notifiying us!

Best regards.